package com.kfm.jdbc.day01;

import java.sql.*;

public class Demo04 {

    static {
        try {
            Class.forName("com.mysql.cj.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            throw new RuntimeException(e);
        }
    }

    public static void main(String[] args) {
        String username = "admin";
        String password = "1111' or username = 'admin";

        boolean login = login(username, password);

        if (login) {
            System.out.println("登录成功");
        } else {
            System.out.println("用户名或密码不正确");
        }
    }


    public static boolean login(String username, String password) {
        String url = "jdbc:mysql://localhost:3306/company_info";
        String user = "root";
        String pass = "root";

        try (Connection connection = DriverManager.getConnection(url, user, pass);
             Statement statement = connection.createStatement();
        ) {
            String sql = "select * from login where username = '%s' and password = '%s'".formatted(username, password);
            System.out.println(sql);
            ResultSet resultSet = statement.executeQuery(sql);

            return resultSet.next();

        } catch (SQLException e) {
            throw new RuntimeException(e);
        }

    }
}
